What the Samsung Pay hack means for going cashless
The cashless revolution means you’ve got increasingly less reason to carry your cards, let alone a wad of notes in your wallet. But after a Samsung-owned contactless payment firm was hacked earlier this year, some are beginning to question how safe this increasingly widespread (and convenient) technology actually is.
The hack
Samsung bought LoopPay, an American company specialising in mobile payment systems, for $250m in February. The move was widely interpreted as an attempt to compete with Apple’s popular Apple Pay application.
However, within weeks LoopPay had been hit by a sophisticated cyber-attack. The hackers, thought to be from a group affiliated to the Chinese government, seem to have been looking for details of the company’s Magnetic Secure Transmission (MST) technology. Unlike the tech used by competitors Apple Pay and Android Pay, MST can be used with up to 90% of card readers used by US retailers. Samsung’s own cashless application, Samsung Pay, does use MST.
When news of the hack was finally made public earlier this month, it raised fears that the personal details of Samsung customers might be at risk. Samsung quickly moved to reassure its customers: “Samsung Pay was not impacted and at no point was any personal payment information at risk,” said Darlene Cedres, the company’s Chief Privacy Officer.
The consequences
However, even if customer data wasn’t put at risk by the attack, the story has exposed the underlying uncertainty many of us feel about the safety of cashless payment technology. A survey of both US and UK consumers conducted by TripWire found that only 1% of shoppers thought in-store mobile payment services were safe.
As convenient as it is, there’s little doubt that the cashless revolution opens up new concerns around privacy. That's why it's vital that innovations in mobile and online security keep pace with developments in payment technology.
The good news is that companies around the world are wising up to the potential risks of cashless, and coming up with ever-more ingenious ways to protect you and your money. Norweigian tech company Zwipe has developed a system that requires the user’s fingerprints to authorise money transfers, for example. In future, expect technology that lets you use your voice or the unique patterns in your eye to do the same.
We'll be keeping you updated on all the latest advances in payment technology and security, so you're clued up on the safe options available to you. Stay up to date with The Money Cloud blog.